avformat/mov: Fix memleak upon encountering repeating tags

mov_read_custom tries to read three strings belonging to three different
tags. When an already encountered tag is encountered again, a new buffer
for the string to be read is allocated and stored in the pointer
destined for this particular tag. But in this scenario, said pointer
already holds the address of the string read earlier, leading to a leak.

This commit therefore aborts the reading process upon encountering
an already encountered tag.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 47bbb3697d9d5649d8ffce4e4ef2ec0d77e48c2f..a59c804d16720093a4e7bbabd5364572c1670dab 100644 (file)
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -4434,6 +4434,9 @@ static int mov_read_custom(MOVContext *c, AVIOContext *pb, MOVAtom atom)
         } else
             break;
 
+        if (*p)
+            break;
+
         *p = av_malloc(len + 1);
         if (!*p) {
             ret = AVERROR(ENOMEM);